Philabundance says cyber thieves took nearly $1M in a scam this year

Jane Clements-Smith, executive director of Feeding PA, helps load trucks at Philabundance’s South Philly location. (Kimberly Paynter/WHYY)

Jane Clements-Smith, executive director of Feeding PA, helps load trucks at Philabundance’s South Philly location. (Kimberly Paynter/WHYY)

This article originally appeared on NBC10.

The local food bank Philabundance says it was targeted by cyber thieves this summer amid feeding thousands of people in need during the pandemic.

The nature of the theft was left unsaid in Philabundance’s statement Tuesday, but CEO Loree Jones told the Inquirer the thieves used a phishing scam to take close to a million dollars.

According to a Philadelphia Inquirer report, cyber thieves infiltrated the group’s email server and then mimicked a construction company that had done work for Philabundance. The thieves emailed a fake invoice with instructions leading to a bank account controlled by the thieves. Someone then sent the thieves the payment – about $923,000.

“It’s increasingly difficult for any operation – nonprofit or for-profit – to protect itself from cybercrime. And it’s unfortunate that we have been preyed upon as a social philanthropic organization and must increase our security efforts. We are encouraging other nonprofit organizations to do the same,” Philabundance wrote in a statement.

Despite that concern, the nonprofit reassured donors that their data was secure. It said its online donation system was unaffected and no personal data was breached.

“Our donors can trust that their donations through that online platform have reached us and will continue to reach us, and will be used to feed the hundreds of thousands of people in our area who do not get enough to eat on a daily basis,” Philabundance wrote.

The FBI and Philadelphia Police Department’s Major Crimes Unit are investigating.

Greater need

The economic events of 2020 spurred an unprecedented need for food, and we have seen long lines at food giveaways across our region.

Need spiked in March as many stores and restaurants closed or reduced capacity to prevent the spread of the coronavirus. Workers in those industries and others faced reduced hours or their jobs lost entirely.

“In this pandemic, the hunger crisis in the Philadelphia region has grown to unprecedented dimensions. Many of the people coming to us for help are people who’ve never before relied upon a charitable food system. And we are serving far more people than we have in years past,” Jones wrote in a news statement.

Tuesday is Giving Tuesday, a global event urging people to donate to a charitable cause they support. In a statement, Philly Mayor Jim Kenney recommended people who can afford it to contribute to food access nonprofits.

The city works with Step Up to the PlateShare Food Program, and Philabundance. Families and individuals who need food can visit phila.gov/food or call 311 to find a pickup location.

Avoiding phishing

The phishers who targeted Philabundance were sophisticated, spoofing an email that the nonprofit was expecting to receive. But others might send you an email or text for a service you didn’t ask for or tell you to pick up an item you didn’t order.

If something feels off, it doesn’t hurt to call a customer service number (get it from the company’s legitimate website) or check your account online.

More information on recognizing and preventing phishing can be found on the FBI’s website.

Broke in PhillyWHYY is one of over 20 news organizations producing Broke in Philly, a collaborative reporting project on solutions to poverty and the city’s push towards economic justice. Follow us at @BrokeInPhilly.

Get daily updates from WHYY News!

Want a digest of WHYY’s programs, events & stories? Sign up for our weekly newsletter.

Together we can reach 100% of WHYY’s fiscal year goal